microsoft
/
WSL2-Linux-Kernel
зеркало из https://github.com/microsoft/WSL2-Linux-Kernel.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
WSL2-Linux-Kernel/include
История
Sabrina Dubroca 5bd8baab08 esp: limit skb_page_frag_refill use to a single page 
Commit ebe48d368e ("esp: Fix possible buffer overflow in ESP
transformation") tried to fix skb_page_frag_refill usage in ESP by
capping allocsize to 32k, but that doesn't completely solve the issue,
as skb_page_frag_refill may return a single page. If that happens, we
will write out of bounds, despite the check introduced in the previous
patch.

This patch forces COW in cases where we would end up calling
skb_page_frag_refill with a size larger than a page (first in
esp_output_head with tailen, then in esp_output_tail with
skb->data_len).

Fixes: cac2661c53 ("esp4: Avoid skb_cow_data whenever possible")
Fixes: 03e2a30f6a ("esp6: Avoid skb_cow_data whenever possible")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
 		2022-04-13 10:16:11 +02:00
..
acpi
asm-generic
clocksource
crypto
drm
dt-bindings
keys
kunit
kvm
linux
math-emu
media
memory
misc
net esp: limit skb_page_frag_refill use to a single page 2022-04-13 10:16:11 +02:00
pcmcia
ras
rdma
scsi
soc
sound
target
trace
uapi
vdso
video
xen